Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Karel87
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 17 črc 2015 16:34

Prosím o kontrolu logu

#1 Příspěvek od Karel87 »

Dobrý den, prosím o kontrolu logu, mám tyto problémy: počítač jde hodně pomalu, v prohlížeči mi neustále vyskakují reklamy a nová reklamní okna. Zde první část logu. Díky za pomoc, K.

Logfile of random's system information tool 1.10 (written by random/random)
Run by HP450 at 2015-07-17 17:25:55
Microsoft Windows 8.1
System drive C: has 95 GB (63%) free of 150 GB
Total RAM: 3947 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:26:16, on 17. 7. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\TEREZA.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Users\HP450\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\trend micro\HP450.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 3DCMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [StartW8Button] C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\HP450\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\HP450\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - Startup: TEREZA.lnk = C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\TEREZA.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Guard Agent Service (Guard Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Handsome Hunt - Unknown owner - C:\Program Files (x86)\Handsome Hunt\Handsome Hunt.exe
O23 - Service: HP HotSpot 1.0 Service (HotSpotSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem32.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: StartW8Service - SODATSW spol. s .r.o. - C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Util Swift Record - Unknown owner - C:\Program Files (x86)\Swift Record\bin\utilSwiftRecord.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17064 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
"C:\Program Files (x86)\StartW8\bin\StartW8Service.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\StartW8\bin\StartW8Button.exe"
C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
C:\WINDOWS\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {ad4f69e8-2d71-418e-b0671bc22285f4b0}
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe"
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe"
"C:\Program Files (x86)\Handsome Hunt\Handsome Hunt.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe"
C:\windows\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\System32\vds.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\PrintIsolationHost.exe -Embedding
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 7863BDC5-EF00-3130-771B-633B325D7B06 -Reinvoke
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
igfxEM.exe
igfxHK.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Windows\RtsCM64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\TEREZA.exe" --startup=1
"C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
"C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe"
szndesktop.exe default start
"C:\Users\HP450\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
-BootProc
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Browny02\BrYNSvc.exe"
-BootProc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3880.0.332303882\580698077" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3958 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser2/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.1.1788837835\1086033219" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.2.1680803890\495349581" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.3.1584524037\1026485772" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.4.174372771\1708339758" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.5.1156090761\390966590" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.6.2041478770\332211244" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.10.1412864389\989626486" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.11.2001960624\337506512" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.13.122813957\745455710" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.14.2047716117\2007844128" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.15.1035696257\2007418318" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.16.947636632\1420096687" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.17.927422632\70883707" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.18.1265376\483647721" /prefetch:673131151
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.20.820401955\597619728" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.21.1861179849\1555800830" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.22.1611863700\1067919167" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.23.278927405\838803814" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.24.1985650406\617641500" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.25.1722855255\703384427" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.26.378922385\1828552868" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.27.1318116385\442595170" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.28.1711899854\596076137" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.31.376587790\1653959110" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.35.1712080978\2135732844" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.36.1605685602\257599878" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.38.1632617312\1095884194" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3880.39.892467788\1960004340" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3880.40.1513235184\1111899088" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
/Skip /BackFromArmUpdate
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\System32\Taskmgr.exe" /3
"C:\WINDOWS\system32\GWX\GWX.exe"

C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"D:\Dokumenty\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Bidaily Synchronize Task.job - C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\TEREZA.exe --startup=1 --single
C:\WINDOWS\tasks\eRunway.job - c:\programdata\{c790da9a-3c96-973a-c790-0da9a3c96a68}\1719547020488097049b.exe --startup=1 --single
C:\WINDOWS\tasks\SpeakerBang.job - c:\programdata\{39911cb9-f898-5acc-3991-11cb9f8972e7}\1170165597150379137b.exe --startup=1 --single
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\extensions\
ecihqcv_ktcg@mrnoqdkitiqvvlik.org
lmzzlpziy_syqte@tnzcmktqytikz.org
staged
zc@r1.edu
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-06-16 2335448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-09 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-05-13 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-09 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsCM"=C:\WINDOWS\RTSCM64.EXE [2013-03-07 144456]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-10-01 448912]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe []
"Persistence"=C:\windows\system32\igfxpers.exe []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30 2804976]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-02-04 1702912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-16 53288576]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"cz.seznam.software.autoupdate"=C:\Users\HP450\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\HP450\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368]
"PaperPort PTD"=C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2010-03-09 29984]
"PPort12reminder"=C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [2010-02-09 328992]
"PDFHook"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]
"PDF5 Registry Controller"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2012-09-06 143360]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]
"StartW8Button"=C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [2014-12-15 59752]
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30 334896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\HP450\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TEREZA.lnk - C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\TEREZA.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-17 17:25:56 ----D---- C:\Program Files\trend micro
2015-07-17 17:25:55 ----D---- C:\rsit
2015-07-17 14:05:18 ----A---- C:\WINDOWS\system32\fhcpl.dll
2015-07-17 14:05:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2015-07-17 14:05:08 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-07-17 13:24:17 ----D---- C:\ProgramData\neioaaiakenodaelkbfjkhhehanoiklh
2015-07-17 13:24:09 ----D---- C:\Program Files (x86)\ALlSaver
2015-07-16 20:40:29 ----D---- C:\ProgramData\{a495eb9d-37f1-0179-a495-5eb9d37fae74}
2015-07-16 19:58:17 ----D---- C:\ProgramData\popkdpahlelobkjbgblfpohffeomejfe
2015-07-08 22:53:43 ----A---- C:\WINDOWS\system32\Hibiki.dll
2015-07-07 14:30:26 ----D---- C:\Program Files (x86)\Handsome Hunt
2015-07-02 07:00:33 ----D---- C:\ProgramData\{c790da9a-3c96-973a-c790-0da9a3c96a68}
2015-06-26 14:30:49 ----D---- C:\ProgramData\{39911cb9-f898-5acc-3991-11cb9f8972e7}
2015-06-23 12:48:06 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-06-23 12:48:06 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-06-23 12:48:05 ----A---- C:\WINDOWS\system32\invagent.dll
2015-06-23 12:48:05 ----A---- C:\WINDOWS\system32\devinv.dll
2015-06-23 12:48:05 ----A---- C:\WINDOWS\system32\aepic.dll
2015-06-23 12:48:05 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-06-23 12:48:04 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-06-23 12:47:59 ----A---- C:\WINDOWS\system32\aepdu.dll

======List of files/folders modified in the last 1 month======

2015-07-17 17:25:56 ----RD---- C:\Program Files
2015-07-17 17:25:30 ----D---- C:\WINDOWS\Prefetch
2015-07-17 17:10:46 ----D---- C:\WINDOWS\WinSxS
2015-07-17 17:09:38 ----SHD---- C:\WINDOWS\Installer
2015-07-17 17:09:38 ----SHD---- C:\Config.Msi
2015-07-17 17:09:38 ----RSD---- C:\WINDOWS\assembly
2015-07-17 17:09:38 ----D---- C:\WINDOWS\Temp
2015-07-17 17:07:47 ----D---- C:\ProgramData\Microsoft Help
2015-07-17 17:06:30 ----D---- C:\WINDOWS\CbsTemp
2015-07-17 17:00:24 ----D---- C:\WINDOWS\system32\config
2015-07-17 17:00:02 ----D---- C:\WINDOWS\system32\sru
2015-07-17 16:59:02 ----D---- C:\Users\HP450\AppData\Roaming\Skype
2015-07-17 16:54:28 ----D---- C:\WINDOWS\SysWOW64
2015-07-17 16:51:55 ----A---- C:\WINDOWS\win.ini
2015-07-17 16:45:35 ----RD---- C:\WINDOWS\System32
2015-07-17 16:45:34 ----D---- C:\Program Files\Internet Explorer
2015-07-17 16:43:51 ----D---- C:\WINDOWS\system32\drivers\etc
2015-07-17 16:37:24 ----D---- C:\WINDOWS\system32\MRT
2015-07-17 16:35:13 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-07-17 16:35:13 ----SD---- C:\WINDOWS\system32\GWX
2015-07-17 16:31:54 ----D---- C:\WINDOWS\apppatch
2015-07-17 14:08:35 ----D---- C:\WINDOWS\system32\Tasks
2015-07-17 13:32:41 ----D---- C:\WINDOWS\system32\catroot2
2015-07-17 13:30:57 ----D---- C:\Users\HP450\AppData\Roaming\Seznam.cz
2015-07-17 13:27:00 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-07-17 13:24:28 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-07-17 13:24:17 ----HD---- C:\ProgramData
2015-07-17 13:24:09 ----RD---- C:\Program Files (x86)
2015-07-17 13:23:04 ----D---- C:\WINDOWS\Tasks
2015-07-17 13:21:25 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-07-17 13:21:25 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-07-17 13:20:57 ----D---- C:\WINDOWS\system32\wbem
2015-07-17 13:20:55 ----D---- C:\Program Files\Windows Defender
2015-07-17 13:20:46 ----D---- C:\Windows
2015-07-17 13:18:48 ----SD---- C:\WINDOWS\system32\CompatTel
2015-07-17 13:18:48 ----D---- C:\WINDOWS\WinStore
2015-07-17 13:18:48 ----D---- C:\WINDOWS\system32\drivers
2015-07-17 13:18:48 ----D---- C:\WINDOWS\system32\cs-CZ
2015-07-17 13:18:48 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-07-17 13:18:48 ----D---- C:\WINDOWS\system32\appraiser
2015-07-17 13:18:48 ----D---- C:\WINDOWS\Inf
2015-07-17 13:18:48 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-17 13:18:38 ----RD---- C:\WINDOWS\ToastData
2015-07-17 13:18:37 ----D---- C:\WINDOWS\system32\Sysprep
2015-07-17 13:18:36 ----D---- C:\WINDOWS\servicing
2015-07-17 13:18:32 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-07-17 13:18:31 ----RD---- C:\Program Files (x86)\Skype
2015-07-17 13:18:31 ----D---- C:\ProgramData\McAfee Security Scan
2015-07-17 13:18:31 ----D---- C:\Program Files\Common Files\microsoft shared
2015-07-17 13:18:31 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-17 13:18:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-07-17 13:18:23 ----D---- C:\Program Files (x86)\GreenTree Applications
2015-07-17 13:18:15 ----D---- C:\Program Files (x86)\7-Zip
2015-07-17 13:15:16 ----HD---- C:\Program Files\WindowsApps
2015-07-17 13:10:45 ----D---- C:\WINDOWS\registration
2015-07-17 13:09:42 ----D---- C:\WINDOWS\system32\DriverStore
2015-07-17 13:08:54 ----D---- C:\ProgramData\Skype
2015-07-17 13:08:02 ----D---- C:\Program Files (x86)\Microsoft Office
2015-07-17 13:07:30 ----D---- C:\Program Files (x86)\Common Files
2015-07-17 13:05:10 ----SHD---- C:\System Volume Information
2015-07-17 13:00:23 ----D---- C:\WINDOWS\Logs
2015-07-14 18:51:55 ----D---- C:\WINDOWS\AppReadiness
2015-07-10 13:21:32 ----D---- C:\ProgramData\StartW8
2015-07-08 22:53:49 ----D---- C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}
2015-07-07 13:22:55 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-06 23:24:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-07-05 12:08:23 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-07-03 08:43:04 ----A---- C:\WINDOWS\system32\MRT.exe
2015-07-01 09:20:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
Nahoru
Karel87
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 17 črc 2015 16:34

Re: Prosím o kontrolu logu - druhá část logu

#2 Příspěvek od Karel87 »

Prosím o kontrolu logu - zde druhá část. Děkuji, K.


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 EUBAKUP;EUBAKUP; C:\WINDOWS\system32\drivers\eubakup.sys [2012-12-19 58952]
R0 EUBKMON;EUBKMON; C:\WINDOWS\system32\drivers\EUBKMON.sys [2012-12-19 48200]
R0 hpdskflt;@oem32.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2013-03-02 30520]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-01-02 641672]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 EUDSKACS;EUDSKACS; \??\C:\windows\system32\drivers\eudskacs.sys [2012-12-19 18504]
R1 EUFDDISK;EUFDDISK; \??\C:\windows\system32\drivers\EuFdDisk.sys [2012-12-19 189000]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 Accelerometer;@oem32.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2013-03-02 43320]
R3 BtAudioBusSrv;@oem16.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-09-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-12-05 49632]
R3 clwcsm;@oem24.inf,%clwcsm.DeviceDesc%;CyberLink Webcam Sharing Manager 4.2; C:\WINDOWS\system32\DRIVERS\clwcsm.sys [2013-02-19 42944]
R3 HpqKbFiltr;@oem10.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2013-01-29 26504]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152]
R3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-12-13 342528]
R3 iwdbus;@oem44.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 MEIx64;@oem38.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-12 62784]
R3 netr28x;@oem31.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-04 2505904]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 rtbth;@oem26.inf,%General.Service.DispName%;RTBTH Bluetooth DEVICE DRIVER; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-02-26 772680]
R3 rtsuvc;@oem19.inf,%rtsuvc.DeviceDesc%;HP HD Webcam [Fixed]; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2013-03-07 8243144]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-02-04 544768]
R3 SynTP;@oem25.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-10-30 549104]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem52.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem43.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 RSP2STOR;@oem4.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-01-23 288328]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-02-01 448072]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-01-11 28400]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2013-01-11 32496]
S3 ssudmdm;@oem54.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 EaseUS Agent;EaseUS Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2012-12-19 69192]
R2 Guard Agent;Guard Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2012-12-19 23624]
R2 Handsome Hunt;Handsome Hunt; C:\Program Files (x86)\Handsome Hunt\Handsome Hunt.exe [2015-07-07 8016404]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-01-31 553248]
R2 hpsrv;@oem32.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2013-03-02 43320]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-01-02 15496]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-10-01 319376]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-07-27 636952]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-10-22 130592]
R2 jhi_service;Intel(R) Dynamic Application Loader HOST Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-10-22 166432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-10-22 278560]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-04 332800]
R2 StartW8Service;StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [2014-12-15 620392]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-22 365600]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-06-05 266240]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-01-23 1006424]
S2 3733a40e;PatternGenerators; C:\WINDOWS\syswow64\rundll32.exe [2014-10-29 51200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S2 Util Swift Record;Util Swift Record; C:\Program Files (x86)\Swift Record\bin\utilSwiftRecord.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 HotSpotSrv;HP HotSpot 1.0 Service; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [2012-12-19 357816]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 McComponentHostService MCAFEE SECURITY SCAN Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-08 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]

-----------------EOF----------------
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu

#3 Příspěvek od Márty84 »

Zdravim :)

:arrow: Odinstalujte Spybota, program je zastaraly.

:arrow: Odinstalujte McAfee Security Scan.


:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Karel87
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 17 črc 2015 16:34

Re: Prosím o kontrolu logu

#4 Příspěvek od Karel87 »

Děkuji za radu, vyplivlo to tenhle log:

# AdwCleaner v4.208 - Log vytvořen 17/07/2015 v 19:39:48
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-15.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : HP450 - HP-450
# Spuštěno z : D:\Dokumenty\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****

Služba Smazáno : {6078c10f-b611-49db-8c42-7befb24f31c4}Gw64
Služba Smazáno : {6cd409f4-25b8-4703-a867-87df6c4d5ef3}Gw64
Služba Smazáno : {cc936201-ac67-45ee-af8f-e121e4b8d68c}Gw64
[#] Služba Smazáno : 3733a40e

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\9373399262002757239
Složka Smazáno : C:\ProgramData\{39911cb9-f898-5acc-3991-11cb9f8972e7}
Složka Smazáno : C:\ProgramData\{a495eb9d-37f1-0179-a495-5eb9d37fae74}
Složka Smazáno : C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}
Složka Smazáno : C:\ProgramData\{c790da9a-3c96-973a-c790-0da9a3c96a68}
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\GreenTree Applications
Složka Smazáno : C:\Program Files (x86)\Swift Record
Složka Smazáno : C:\Program Files (x86)\bestadblocker
Složka Smazáno : C:\Program Files (x86)\ALlSaver
Složka Smazáno : C:\Program Files (x86)\RaniddomPriecE
Složka Smazáno : C:\Program Files (x86)\UniDeals
Složka Smazáno : C:\Users\HP450\AppData\Local\Temp\Swift Record
Složka Smazáno : C:\Users\HP450\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Smazáno : C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\Extensions\zc@r1.edu
Složka Smazáno : C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejocekekgcaldnmjngfdbmbeebcekelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejocekekgcaldnmjngfdbmbeebcekelc
Složka Smazáno : C:\ProgramData\hifebmoahagbmobpngdgibgcdaedcbpd
Složka Smazáno : C:\ProgramData\neioaaiakenodaelkbfjkhhehanoiklh
Složka Smazáno : C:\ProgramData\popkdpahlelobkjbgblfpohffeomejfe
Soubor Smazáno : C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejocekekgcaldnmjngfdbmbeebcekelc_0.localstorage
Soubor Smazáno : C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejocekekgcaldnmjngfdbmbeebcekelc_0.localstorage-journal
Soubor Smazáno : C:\Program Files (x86)\mozilla firefox\dbghelp.dll
Soubor Smazáno : C:\Program Files (x86)\prefs.js
Soubor Smazáno : C:\WINDOWS\System32\drivers\{6078c10f-b611-49db-8c42-7befb24f31c4}Gw64.sys
Soubor Smazáno : C:\WINDOWS\System32\drivers\{6cd409f4-25b8-4703-a867-87df6c4d5ef3}Gw64.sys
Soubor Smazáno : C:\WINDOWS\System32\drivers\{cc936201-ac67-45ee-af8f-e121e4b8d68c}Gw64.sys
Soubor Smazáno : C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\user.js

***** [ Naplánované úlohy ] *****

Úloha Smazáno : Bidaily Synchronize Task

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\1f848509-0d64-dc81-db68-2161d0a360e1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{3733a40e}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{96BB8E60-6EF9-47E0-9ED8-4AD477ECF427}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B138259A-351E-33FA-2726-8D71704F1DA9}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA164BF8-11D2-CE28-1BD1-236D9A5C326F}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62}
[#] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.5 (x86 cs)

[32szka3d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.crossrider.bic", "14d9620b745b50862bf2fd0ffa4124d5");

-\\ Google Chrome v43.0.2357.134


*************************

AdwCleaner[R0].txt - [6647 bytů] - [17/07/2015 19:36:34]
AdwCleaner[R1].txt - [6705 bytů] - [17/07/2015 19:38:12]
AdwCleaner[S0].txt - [5817 bytů] - [17/07/2015 19:39:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5875 bytů] ##########
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu

#5 Příspěvek od Márty84 »

:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Karel87
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 17 črc 2015 16:34

Re: Prosím o kontrolu logu

#6 Příspěvek od Karel87 »

Hotovo, vkládám výsledek :)


Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 10
PUP.Optional.SwiftRecord.A, HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0759D61F-3673-416F-85D2-58B847E78DDF}, , [27b2c31f3555f93d5b7380015ba76c94],
PUP.Optional.SwiftRecord.A, HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0759D61F-3673-416F-85D2-58B847E78DDF}, , [27b2c31f3555f93d5b7380015ba76c94],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [8d4c984afa90ab8b68b7f69df3111fe1],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [8653e7fba2e8a690832d23e42ad959a7],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [f7e20ad876142c0abc63771c3dc7ce32],
PUP.Optional.SwiftRecord.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Swift Record, , [5980a83acebc81b56196f7149a691fe1],
PUP.Optional.AppLid.A, HKU\S-1-5-18\SOFTWARE\App Lid-nv, , [2dac756da2e889ad5263ec3353b0a45c],
PUP.Optional.AppLid.A, HKU\S-1-5-18\SOFTWARE\App Lid-nv-ie, , [9247e4fe078344f27e37ff20f3101ae6],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [eced489a375390a68359503d13f12bd5],
PUP.Optional.AppLid.A, HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\SOFTWARE\App Lid-nv-ie, , [7f5ada084644e2544075e53a0300857b],

Hodnoty registru: 2
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [8d4c984afa90ab8b68b7f69df3111fe1]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [f7e20ad876142c0abc63771c3dc7ce32]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.GlobalUpdate.A, C:\Users\HP450\AppData\Local\Temp\comh.112520, , [4f8a36ac9febe155bc2beef7e220b050],

Soubory: 36
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ALlSaver\OJnnyGoMUiSMWl.exe.vir, , [d504c51d0d7dd16512c401796a97a759],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\bestadblocker\3OMeEwQB2VgACE.exe.vir, , [a2370ed462286bcb99be45538a77d62a],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\mozilla firefox\dbghelp.dll.vir, , [f3e6e1012b5f2a0cf1e6cde6946d7e82],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\RaniddomPriecE\0Cui9gemIuqmTu.exe.vir, , [7e5bb62c7e0cd95d5a7c0f6bd22f40c0],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\UniDeals\UniDeals.exe.vir, , [0ecbdd054e3cd16522356f29af52619f],
PUP.Optional.Multiplug.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\UniDeals\yYc7f7Ynp6oQTA.exe.vir, , [845539a917738da9ce896d2b23dedf21],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\{39911cb9-f898-5acc-3991-11cb9f8972e7}\1170165597150379137b.exe.vir, , [7e5b18ca8bff20166637a217936e8977],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\Toulava ... kardiozitek i pro Tebe!!.exe.vir, , [f2e7c41e37537eb82e49326b7b860bf5],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\{c790da9a-3c96-973a-c790-0da9a3c96a68}\1719547020488097049b.exe.vir, , [35a407db3d4d2e08b2ebdcddbb467d83],
PUP.Optional.SwiftRecord.A, C:\AdwCleaner\Quarantine\C\WINDOWS\System32\drivers\{6078c10f-b611-49db-8c42-7befb24f31c4}Gw64.sys.vir, , [dbfeca186228270f1cc191d5669f23dd],
PUP.Optional.SwiftRecord.A, C:\AdwCleaner\Quarantine\C\WINDOWS\System32\drivers\{6cd409f4-25b8-4703-a867-87df6c4d5ef3}Gw64.sys.vir, , [fedb14cec6c48da920bdd2940005ba46],
PUP.Optional.SwiftRecord.A, C:\AdwCleaner\Quarantine\C\WINDOWS\System32\drivers\{cc936201-ac67-45ee-af8f-e121e4b8d68c}Gw64.sys.vir, , [d207667c5f2b0a2c0fcee5817194659b],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PatternGenerators\PatternGenerators.dll, , [31a85c86e1a9171f34e25646b051f808],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\SingleFile\SingleFile.exe, , [dcfd8b579dedc07697c09701669b9868],
PUP.Optional.Somoto.A, C:\Users\HP450\AppData\Local\Temp\appshat_generic.exe, , [35a4f1f18efc072f8b96968ef60a05fb],
PUP.Optional.SwiftRecord.A, C:\Users\HP450\AppData\Local\Temp\2863.tmp, , [1fbafae899f10036dffe432365a0659b],
PUP.Optional.ModGoog, C:\Users\HP450\AppData\Local\Temp\comh.112520\globalupdate.exe, , [865302e0f4967fb7fe9dc4cb81806f91],
PUP.Optional.ModGoog, C:\Users\HP450\AppData\Local\Temp\comh.112520\globalupdateBroker.exe, , [38a1c41ef19941f58a118e0115ec669a],
PUP.Optional.ModGoog, C:\Users\HP450\AppData\Local\Temp\comh.112520\globalupdateCrashHandler.exe, , [f1e8c51d8208be781982c9c64cb53cc4],
PUP.Optional.ModGoog, C:\Users\HP450\AppData\Local\Temp\comh.112520\globalupdateOnDemand.exe, , [6079994921690a2cafec0d829a674ab6],
PUP.Optional.ModGoog, C:\Users\HP450\AppData\Local\Temp\comh.112520\goopdate.dll, , [ebee35adc3c7122484175d32877a956b],
PUP.Optional.ModGoog, C:\Users\HP450\AppData\Local\Temp\comh.112520\goopdateres_en.dll, , [3b9e974bbad04de9a4f7107fbc45936d],
PUP.Optional.ModGoog, C:\Users\HP450\AppData\Local\Temp\comh.112520\npglobalupdateUpdate4.dll, , [c811766cf59510265645800fac5554ac],
PUP.Optional.ModGoog, C:\Users\HP450\AppData\Local\Temp\comh.112520\psmachine.dll, , [9f3a7e648703181ee1ba622d55ace917],
PUP.Optional.ModGoog, C:\Users\HP450\AppData\Local\Temp\comh.112520\psuser.dll, , [c019568c7614a4929dfee6a9ce3338c8],
PUP.Optional.Multiplug.A, C:\Windows\Temp\tmpp7i7qx\grFaiy0BJCJS35Y.exe, , [fcdd578b206ae353c70f0d6d28d99868],
PUP.Optional.MultiPlug.A, C:\Windows\Temp\tmpcjuzhw\dbghelp.dll, , [578203dfd3b7b87e34a308ab4eb35ca4],
PUP.Optional.Multiplug.A, C:\Windows\Temp\tmpktkl1d\XFFEbjk1xMV5gaE.exe, , [a73299498a0013236c6aabcf847d649c],
PUP.Optional.Multiplug.A, C:\Windows\Temp\tmp4m8ov1\Q6ORWRmspW4MTzd.exe, , [6a6f0dd589010a2c01d5fa80fd046799],
PUP.Optional.MultiPlug.A, C:\Windows\Temp\tmp5k0f1x\dbghelp.dll, , [d7028e54127885b1c512357ee61be818],
PUP.Optional.MultiPlug.A, C:\Windows\Temp\tmp6fybfc\dbghelp.dll, , [5f7a26bcd1b93df9894ee5ce3ac738c8],
PUP.Optional.Multiplug.A, C:\Windows\Temp\tmpsbxr1v\8HLhYEQLKU90qo1.exe, , [3f9a578b5733d5617d597406c938ff01],
PUP.Optional.MultiPlug.A, C:\Windows\Temp\tmpxsrpkv\dbghelp.dll, , [4990568c058565d15582704328d94ab6],
PUP.Optional.SpeakerBang.A, C:\Windows\System32\Tasks\SpeakerBang, , [c41599495f2baa8cea619b69c241d42c],
PUP.Optional.SpeakerBang.A, C:\Windows\Tasks\SpeakerBang.job, , [21b8855da9e1af875af2659ffa090000],
PUP.Optional.GlobalUpdate.A, C:\Users\HP450\AppData\Local\Temp\comh.112520\globalupdateHelper.msi, , [4f8a36ac9febe155bc2beef7e220b050],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu

#7 Příspěvek od Márty84 »

Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Karel87
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 17 črc 2015 16:34

Re: Prosím o kontrolu logu

#8 Příspěvek od Karel87 »

Zde kopíruji výsledek, reklamy v prohlížeči stále vyskakují a počítač je stále extrémně pomalý...

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 18. 7. 2015
Čas skenování: 10:17
Protokol: mbam - druhý scan.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.18.01
Databáze rootkitů: v2015.07.17.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: HP450

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 582814
Uplynulý čas: 2 hod, 43 min, 36 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu

#9 Příspěvek od Márty84 »

:arrow: MBAM muzete odinstalovat.


:arrow: Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


:arrow: Postupujte podle navodu kolegy
vyosek píše: :arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

:arrow: Postupujte podle navodu kolegy
vyosek píše: :arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    autoclean;
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Karel87
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 17 črc 2015 16:34

Re: Prosím o kontrolu logu

#10 Příspěvek od Karel87 »

Výsledek Cyrstaldisk:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2015/07/18 13:31:16

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- HGST HTS545050A7E380
- hp DVD A DU8A5SH
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) HGST HTS545050A7E380 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) HGST HTS545050A7E380
----------------------------------------------------------------------------
Model : HGST HTS545050A7E380
Firmware : GG2OACA0
Serial Number : TM8513PY0S6EUL
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 819 hod.
Power On Count : 489 krát
Temparature : 37 C (98 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 214 100 _33 000E00000001 Čas na roztočení ploten
04 100 100 __0 0000000001EE Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _99 _99 __0 000000000333 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 0000000001E9 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _97 000000000000 Ukončovacích chyb
BB 100 100 __0 0000000C0000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _63 _55 _45 000017250025 Teplota toku vzduchu
BF 100 100 __0 0000000000FB Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000090009 Počet vypnutí disku
C1 _98 _98 __0 000000006123 Počet cyklů načítání/vymazání
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 544D 3835 5059 5059 3053 3645 554C
020: 0003 4000 0004 4747 324F 4130 4130 4847 5354 2048
030: 5453 3534 3530 3530 4137 3830 3830 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0D06 0D06 0000 004C 0048
080: 01FC 0028 706B 7C09 6123 BC09 BC09 6123 203F 0038
090: 0039 4080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 6003 6003 826C 5000 CCA7
110: D1CA 8CBB 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 2182 1CF1 3A00 4000 4000 0400 0003 0000
140: 0000 0504 0803 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 3248 4243 0000 0000 0000 5DBD 2388 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 23A5



Výsledek Junkware:

Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 8.1 x64
Ran by HP450 on so 18. 07. 2015 at 13:35:49,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{11FBFE26-280F-467F-A252-5A347116187C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Swift Record



~~~ Files

Successfully deleted: [File] C:\Users\HP450\AppData\Roaming\appdataFr25.bin



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\patterngenerators



~~~ FireFox

Successfully deleted: [Folder] C:\Users\HP450\AppData\Roaming\mozilla\firefox\profiles\32szka3d.default\extensions\staged
Successfully deleted the following from C:\Users\HP450\AppData\Roaming\mozilla\firefox\profiles\32szka3d.default\prefs.js

user_pref(extensions.ADfvJf8OtKnI07sU.scode, (function(){try{if(window.location.href.indexOf(\rjkGqHgFqjaFrHCGrjk6qdY4rHw\)>-1){return;}}catch(e){}try{var d=[[\investkin
user_pref(extensions.Rm73PBwjqmzfnKa6.scode, (function(){try{if(window.location.href.indexOf(\rjkGqHgFqjaFrHCGrjk6qdY4rHw\)>-1){return;}}catch(e){}try{var d=[[\investkin
user_pref(extensions.Rm73PBwjqmzfnKa6.url, hxxp://superiend.info/sync2/?q=hfZ9oehSBfwMCyVUojs9qds9tMqLDe49CNU0n8OMCMlNhd9Fqja8rTwEqTa5rjaMBzqUojw8rdkGqHa8rHaEqih7hfs0pihPBM
user_pref(extensions.foxcub.config.encodedConfig, {\core\:{\configUrl\:\hxxp://download.seznam.cz/software/conf/\,\configUrlSecure\:\hxxps://download.seznam.cz/sof
user_pref(extensions.foxcub.speedDial.RSS, true);
user_pref(extensions.foxcub.speedDial.TimeResponce, 300);
user_pref(extensions.foxcub.speedDial.enabled, true);
user_pref(extensions.foxcub.speedDial.firstRun, true);
user_pref(extensions.foxcub.speedDial.items, [{\type\:\simple\,\bookmarkId\:-1,\url\:\hxxp://www.seznam.cz/\,\title\:\Seznam \\u2013 Najdu tam, co hled\\u00e1m
user_pref(extensions.foxcub.speedDial.nosync, );
user_pref(extensions.foxcub.speedDial.pageType, big);
user_pref(extensions.foxcub.speedDial.settings, {\background\:{\image\:\bg-grass-dog.png\,\color\:\transparent\,\position\:\right bottom\}});
user_pref(extensions.foxcub.speedDial.skin, 3);
user_pref(extensions.z8WLEsVU8nJcd9pp.scode, (function(){try{if(window.location.href.indexOf(\rjkGqHgFqjaFrHCGrjk6qdY4rHw\)>-1){return;}}catch(e){}try{var d=[[\investkin



~~~ Chrome


[C:\Users\HP450\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\HP450\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\HP450\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\HP450\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
bopakagnckmlgajfccecajhnimjiiedh,
ejocekekgcaldnmjngfdbmbeebcekelc
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 18. 07. 2015 at 13:42:29,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Výsledek Zoek:

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by HP450 on so 18. 07. 2015 at 13:50:23,93.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Dokumenty\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18. 7. 2015 13:51:36 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X7 deleted successfully
C:\PROGRA~3\PDFC deleted successfully
C:\Users\HP450\AppData\Local\PDFC deleted successfully
C:\Users\HP450\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_USERS\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\prefs.js:

Added to C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default

user.js not found
---- Lines Swift Record removed from prefs.js ----
user_pref("extensions.Swift Record.asul", "1433154863869");
user_pref("extensions.Swift Record.aul", "1433155673654");
user_pref("extensions.Swift Record.irl", true);
user_pref("extensions.Swift Record.is", "smp1cz");
user_pref("extensions.Swift Record.ug", "73F12A1C-6FB8-431C-A746-31DD546D346D");
---- Lines extensions.ADfvJf8OtKnI07sU removed from prefs.js ----
user_pref("extensions.ADfvJf8OtKnI07sU.epoch", "1432791005");
user_pref("extensions.ADfvJf8OtKnI07sU.url", "http://bloggerstoryget.info/sync2/?q=hf ... Tr4qdCMBzq
---- Lines extensions.Rm73PBwjqmzfnKa6 removed from prefs.js ----
user_pref("extensions.Rm73PBwjqmzfnKa6.epoch", "1432791006");
---- Lines extensions.z8WLEsVU8nJcd9pp removed from prefs.js ----
user_pref("extensions.z8WLEsVU8nJcd9pp.epoch", "1432791007");
user_pref("extensions.z8WLEsVU8nJcd9pp.url", "http://jpiservice.info/sync2/?q=hfZ9oem ... U9qchIC7n0
---- FireFox user.js and prefs.js backups ----

prefs_201518.07._1402_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Handsome Hunt deleted
C:\PROGRA~2\SingleFile deleted
C:\windows\SysNative\Tasks\eRunway deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default
- StartCoup - %ProfilePath%\extensions\ecihqcv_ktcg@mrnoqdkitiqvvlik.org
- NoMore Ads - %ProfilePath%\extensions\lmzzlpziy_syqte@tnzcmktqytikz.org

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default
D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
FD82108FD60B63010325D9AF6F00AF99 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll - Shockwave Flash
AFAAF20CE491E1844AF7408EE42432AF - C:\WINDOWS\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.134


https //mynamedomain.koko/00 - HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
https //mynamedomain.koko/00 - HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaboflcmhejfihjcbmdiebgfchigjcf

==== Chromium Startpages ======================

C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Preferences
ences":{},"install_time":"13077661411669394","lastpingday":"13081503600913916","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"cs","default_locale":"en","description":"Rychlý e-mail s možností vyhledávání a menším množstvím spamu.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://mynamedomain.koko/00","version": ... ons":{"api":["contextMenus","cookies","management","notifications","storage","tabs"],"explicit_host":["http://*/*","https://*/*"],"scriptable_host":["http://*/*","https://*/*"]},"creation_flags":38,"from_bookmark":false,"from_webstore":false,"granted_permissions":{"api":["contextMenus","cookies","management","notifications","storage","tabs"],"explicit_host":["http://*/*","https://*/*"],"scriptable_host":["http://*/*","https://*/*"]},"incognito":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13081543096000000","location":4,"path":"C:\\ProgramData\\popkdpahlelobkjbgblfpohffeomejfe\\","state":1,"was_installed_by_default":false}}},"pinned_tabs":[],"prefs":{"preference_reset_time":"13081693487963303"},"protection":{"macs":{"browser":{"show_home_button":"2686D31B525F610A802DD21AEAE4CA7DD8F9F741102104DCD9339966556778D6"},"default_search_provider":{"keyword":"6F7789CEC76E5AEC7269AE5D348111CEE4131671E844F74FD62CF6B4ABC7D603","name":"67DC52378703EDEE3FC679C34920A89B3A55A5BFE40E12E200C5F4209FA0A4F4","search_url":"4C89516B41BD5F43EB18607A584B37E49CC1A14EBC9B25A36E49CEE32A241C09"},"default_search_provider_data":{"template_url_data":"6B349A90E1918C75FADC582A05979FDCE7EA3F7933E235DEBE5503280CCBBD50"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"89F29D254A0F1288A302BDF40473C75B837AFB2EC8422F178D27CB482ED2AA3C","ahfgeienlihckogmohjhadlkjgocpleb":"4F9545C9837686F7BD28D8812367476140EAC9C2B43A62DE2C4FBED898D3C208","aohghmighlieiainnegkcijnfilokake":"069AFD8C40A8CDB3050A57FA071FCCC109F49D6D06622EFBA9C5FC321A7F7A2D","apdfllckaahabafndbhieahigkjlhalf":"A1E5E9FD00D8023E9ADF6F5C19C6B5CFD89D0F830B4780BDBA1517E75DADC174","bepbmhgboaologfdajaanbcjmnhjmhfn":"C67BDF2AE474B3A414F69C79FC1D5AE690650EED403771CDEFDA2A8D7B1FA4B2","blpcfgokakmgnkcojhhkbfbldkacnbeo":"06B577AA122AF919C2927A22DA723C18B241923C7760417B5CA31354CD99B8DF","bpalbafapjppdcodpinpljegahddmcod":"8A29E02691D1823F62745DC72BAF3F2FA54DCA19692DB23DE86AC25ED343FD80","coobgpohoikkiipiblmjeljniedjpjpf":"77A83254EC8DB7005A7B69308CA364B8435A9F30F5AB953FBAD3AB035BF276FF","eemcgdkfndhakfknompkggombfjjjeno":"66B4ED0B276F63FDC122FAA251419BF58816D9A9442803838107B12E7D97A6C9","ennkphjdgehloodpbhlhldgbnhmacadg":"3F530548AB4715E818F504EE614C9CAF92FCA4ADF83776B28540263F425A4940","felcaaldnbdncclmgdcncolpebgiejap":"67A68005FFCE155DBE5CE4A310EDAE366E3CF4368A32FFA63A8E1C6159C11A2A","gfdkimpbcpahaombhbimeihdjnejgicl":"D6D9699BBB73BDDDA868CB838B5B45DD75550B8D842FC095FB73BD56DA44EF29","gighmmpiobklfepjocnamgkkbiglidom":"128AE14B09F8C9E6F7991667D3FF098D104A1C5C4729D4E5C88EBF4223B60FA0","kmendfapggjehodndflmmgagdbamhnfd":"4AE3509D0299276C4FCCAE820F4F6B88A2A40344D86965A15C828048BFFC40C6","lojpenhmoajbiciapkjkiekmobleogjc":"44FB6017150983A9C42FABA9D65E6AFF3267928C60A9B7C6942A971E94FA909C","mdaboflcmhejfihjcbmdiebgfchigjcf":"546DA2DFE6F62A24D65073182B3B8A4A346300DCD622B79921CD60DF998AB52D","mfehgcgbbipciphmccgaenjidiccnmng":"5D67158488CC8510BCA23B72AD225D313BF8752D46240BE65FBD6EE4F932E0B4","mfffpogegjflfpflabcdkioaeobkgjik":"759D3B84F4D98FB8303094566FEA38DCFC0CD9604421C428F3A17BB8F9D582BE","mgndgikekgjfcpckkfioiadnlibdjbkf":"70DC2810C4ADEFAF50CFAFFB109096EA0B8B34BB5C79CCBB3BE411837F9D85E5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"DFD429F406682C21AA585709853C3E54AC73234D031A65EF45A7210CEE3A4A57","mmebmmnpohfhoknnlpohjaembcipocaa":"1E6937567089C92456BEF42F3CD6D6A5A86D361095D4873C369F85419190BEB1","nadgncfcmfclmigpcgmggjjjpbjeiebi":"60B0D66ACC529617FFB38B3D13FAC1D738B76324C4E0D2E25E7BE1B5B7B87807","neajdppkdcdipfabeoofebfddakdcjhd":"68BCD72A300EE2363A83BF0EACC2BAE9CB3B9D0A22988D0B89F8C137B7B8E0A3","neioaaiakenodaelkbfjkhhehanoiklh":"AE902699C0040F18134993B04A4B9E5091384E466528FAC947B6D4B41F5F1646","nkeimhogjdpnpccoofpliimaahmaaome":"16A3D7FD34EB24FFDD722DC7DCFC0AD863AABFFD264062402F88EE7B4895936E","nmmhkkegccagdldgiimedpiccmgmieda":"B9F51FA86911FB47059541683448C914F3E16D6AB8C49DC30FB3E111BB4D94DE","ogminpmldncgcmokldnmmapddoccmhfl":"392ABC1A910FA5B7A9FEEA6F77BD86E8BCE22352E68191B4C94DC95F4D6F37DB","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"8B7E7DEA27F70DB7EAEA1CD711B5F20FC22F3D969A5D0C3C36B98A3098ED3BF5","pjkljhegncpnkpknbcohdijeoejaedia":"5AE1809668EAC69D38380D0571200EB79572B9C5F7DB8B6479141D16F7A6FD55","popkdpahlelobkjbgblfpohffeomejfe":"DE86DA01BD77FC39BA2F1C128F7EE50082FBE7EB2B554F8EDB0E8E4A60B80CB8"}},"google":{"services":{"last_username":"E0930EE324602FF4B68EEAB3D9BFEAEB71C71BF334F321713E4109AB3047A2A8","username":"EC6CEB25072C883FABE2EEA6067D7996229CA2DA23B2CF500439A6619623AE1C"}},"homepage":"2B62AFA1C3AEE2D91BFDAAE7A004A59F21E271399C708D4696060B293E74AFAD","homepage_is_newtabpage":"FA32D0DD563E29F46F2167AB13F9124E368B8EB756A49F0445E555762EDF83FC","pinned_tabs":"EA2AC2C5E041E308BBA44BE8868AB2E15919E12E8E6D3641616EB27C110A93C1","prefs":{"preference_reset_time":"A4B6CA4D944BAD10DF734C24DB9032428AA76937994769F3C9FBF707BA36ABAF"},"profile":{"reset_prompt_memento":"53EFEAAFC3F5DA1DCBAFDA8B76983E7636958EFCD0406DF94FC54A8B806DEA95"},"safebrowsing":{"incidents_sent":"E68BCCA45A2FC2DDCA005E97F11532434D79C4DC4049278D93D45DCBD2E0C742"},"search_provider_overrides":"EB84A693051CC3BB055E02BBB1690462939718470150E23AA93E50600BEBC6A8","session":{"restore_on_startup":"D38C46C1FF0FF3F90D1BE59AC28C604ACCBE9E1470F1722769016B9D4FA56A6B","startup_urls":"A94E30DEB4662ADCDF30CF95D99215C4747CDF7A254B50368CE54743412DECBA"},"software_reporter":{"prompt_reason":"61ED020FF455F468AD884C77D1333D24C15D901F1F4279ED888B3DF8A765F2C8","prompt_seed":"DFDD4F6D128F4FE0C767278D995FD7BB8C34AD4AFFC64E726A09ED9774D4984A","prompt_version":"AE411633F2A6B9093EE4A904B9C410549BEC51C64125BAC0592EC0DAF0D784DF"},"sync":{"remaining_rollback_tries":"EA581E00734115CD501F34F9F105FA9A2916E15D3A836286221BF89AA33B97B6"}},"super_mac":"0A7102D34CA665A25AEE7A815E81256528F3152EBAB3950A6515FF5DEE66CE08"},"safebrowsing":{"incidents_sent":{"1":{"extensions.settings":"2196307680"},"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"script_request_incident":"42"}}},"session":{"restore_on_startup":1}}


==== Chromium Fix ======================

C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaboflcmhejfihjcbmdiebgfchigjcf deleted successfully
C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mdaboflcmhejfihjcbmdiebgfchigjcf_0.localstorage deleted successfully
C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mdaboflcmhejfihjcbmdiebgfchigjcf_0.localstorage-journal deleted successfully
C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mdaboflcmhejfihjcbmdiebgfchigjcf deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=MSE1"
"Default_Page_URL"="http://www.bing.com?pc=CMNTDFJS"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.msn.com/?pc=MSE1"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{500CC1DD-8252-41A8-9299-46BB247335E5} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{6430A443-9CC0-4AD0-9940-987C1058884C} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
{6D9E202B-FCE8-4528-B864-775725DDDDBE} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"
{72A11BFD-569E-43D3-8E14-A26B4B49FD04} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"
{B012C108-BE00-43B0-A5E6-3EB8191D00DD} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
{B1FD2D1F-DF72-4F68-BA19-3FA2BF6B3615} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{E4ABFF9C-BFB2-4FDC-A8CE-83A0967D9CC4} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{FD456E0A-616D-493C-A8DB-46C36786ECF9} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\HP450\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\HP450\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\HP450\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\HP450\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\HP450\AppData\Local\Mozilla\Firefox\Profiles\32szka3d.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=37 folders=29 30417327 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\HP450\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\HP450\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 18. 07. 2015 at 14:07:07,39 ======================
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu

#11 Příspěvek od Márty84 »

:arrow: Dejte novy log z RSIT

a k tomu

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Karel87
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 17 črc 2015 16:34

Re: Prosím o kontrolu logu

#12 Příspěvek od Karel87 »

Log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by HP450 at 2015-07-18 15:21:07
Microsoft Windows 8.1
System drive C: has 97 GB (64%) free of 150 GB
Total RAM: 3947 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:21:16, on 18. 7. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Users\HP450\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\HP450.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 3DCMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [StartW8Button] C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\HP450\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\HP450\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - Startup: Tereza.lnk = C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\Tereza.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Guard Agent Service (Guard Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Handsome Hunt - Unknown owner - C:\Program Files (x86)\Handsome Hunt\Handsome Hunt.exe (file missing)
O23 - Service: HP HotSpot 1.0 Service (HotSpotSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem32.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: StartW8Service - SODATSW spol. s .r.o. - C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14551 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
"C:\Program Files (x86)\StartW8\bin\StartW8Service.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files (x86)\StartW8\bin\StartW8Button.exe"
C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
taskhostex.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
dashost.exe {21f19611-bf77-46c0-b25d82917c9aa2ba}
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe"
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe"
C:\windows\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding

C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\vds.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\WINDOWS\system32\GWX\GWX.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
igfxHK.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\RtsCM64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
szndesktop.exe default start
"C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe"
"C:\Users\HP450\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Browny02\BrYNSvc.exe"
-BootProc
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\system32\PrintIsolationHost.exe -Embedding
-BootProc
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3392.0.368361551\103203389" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3958 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowBelowNormalFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3392 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3392.2.1700691554\1154883652" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3392 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3392.3.1311819258\1614857076" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3392 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3392.14.121303587\333543101" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3392.15.1076925908\953774454" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 22070674-5BC5-29C1-CBC5-88BAD1DBEAEA -Reinvoke
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_75/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3392 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3392.17.576172747\1252535725" /prefetch:673131151

"D:\Dokumenty\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\eRunway.job - c:\programdata\{c790da9a-3c96-973a-c790-0da9a3c96a68}\1719547020488097049b.exe --startup=1 --single
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\extensions\
ecihqcv_ktcg@mrnoqdkitiqvvlik.org
lmzzlpziy_syqte@tnzcmktqytikz.org

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-06-16 2335448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-09 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-05-13 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-09 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsCM"=C:\WINDOWS\RTSCM64.EXE [2013-03-07 144456]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-10-01 448912]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe []
"Persistence"=C:\windows\system32\igfxpers.exe []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30 2804976]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-02-04 1702912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-16 53288576]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"cz.seznam.software.autoupdate"=C:\Users\HP450\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\HP450\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368]
"PaperPort PTD"=C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2010-03-09 29984]
"PPort12reminder"=C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [2010-02-09 328992]
"PDFHook"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]
"PDF5 Registry Controller"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2012-09-06 143360]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]
"StartW8Button"=C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [2014-12-15 59752]
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30 334896]

C:\Users\HP450\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Tereza.lnk - C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\Tereza.exe

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-18 14:07:17 ----SHD---- C:\$RECYCLE.BIN
2015-07-18 14:04:44 ----D---- C:\WINDOWS\Temp
2015-07-18 14:04:44 ----A---- C:\WINDOWS\zoek-delete.exe
2015-07-18 13:50:07 ----D---- C:\zoek_backup
2015-07-17 20:03:59 ----D---- C:\ProgramData\Malwarebytes
2015-07-17 19:36:30 ----D---- C:\AdwCleaner
2015-07-17 17:25:56 ----D---- C:\Program Files\trend micro
2015-07-17 17:25:55 ----D---- C:\rsit
2015-07-17 14:07:38 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2015-07-17 14:07:37 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-07-17 14:07:36 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-07-17 14:07:36 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-07-17 14:07:36 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-07-17 14:07:36 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-07-17 14:07:36 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-07-17 14:07:36 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-07-17 14:07:36 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-07-17 14:07:36 ----A---- C:\WINDOWS\system32\wups.dll
2015-07-17 14:07:36 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-07-17 14:07:36 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-07-17 14:07:36 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-07-17 14:07:36 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-07-17 14:07:36 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-07-17 14:07:36 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-07-17 14:07:35 ----A---- C:\WINDOWS\system32\wups2.dll
2015-07-17 14:07:34 ----A---- C:\WINDOWS\system32\profsvc.dll
2015-07-17 14:07:34 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-07-17 14:07:33 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2015-07-17 14:07:33 ----A---- C:\WINDOWS\system32\win32k.sys
2015-07-17 14:07:29 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-07-17 14:07:29 ----A---- C:\WINDOWS\system32\authui.dll
2015-07-17 14:07:28 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2015-07-17 14:07:28 ----A---- C:\WINDOWS\system32\msi.dll
2015-07-17 14:07:27 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2015-07-17 14:07:27 ----A---- C:\WINDOWS\system32\msiexec.exe
2015-07-17 14:07:25 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2015-07-17 14:07:25 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-07-17 14:07:24 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2015-07-17 14:07:24 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2015-07-17 14:07:24 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-07-17 14:07:24 ----A---- C:\WINDOWS\system32\msv1_0.dll
2015-07-17 14:07:24 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-07-17 14:07:24 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2015-07-17 14:07:24 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2015-07-17 14:07:24 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2015-07-17 14:07:24 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2015-07-17 14:07:23 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-07-17 14:07:23 ----A---- C:\WINDOWS\system32\certcli.dll
2015-07-17 14:07:21 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2015-07-17 14:07:21 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-07-17 14:07:21 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-07-17 14:07:20 ----A---- C:\WINDOWS\system32\drivers\sermouse.sys
2015-07-17 14:07:20 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2015-07-17 14:07:20 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys
2015-07-17 14:07:20 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2015-07-17 14:07:20 ----A---- C:\WINDOWS\system32\drivers\kbdclass.sys
2015-07-17 14:07:20 ----A---- C:\WINDOWS\system32\drivers\i8042prt.sys
2015-07-17 14:07:19 ----A---- C:\WINDOWS\system32\shell32.dll
2015-07-17 14:07:17 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-07-17 14:07:16 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2015-07-17 14:07:16 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2015-07-17 14:07:15 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2015-07-17 14:07:14 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys
2015-07-17 14:07:13 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-07-17 14:07:13 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-07-17 14:07:13 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-07-17 14:07:13 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-07-17 14:06:58 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-07-17 14:06:58 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-07-17 14:06:58 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-07-17 14:06:57 ----A---- C:\WINDOWS\system32\invagent.dll
2015-07-17 14:06:57 ----A---- C:\WINDOWS\system32\devinv.dll
2015-07-17 14:06:57 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-07-17 14:06:57 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-07-17 14:06:56 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-07-17 14:06:55 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-07-17 14:06:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-17 14:06:55 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-07-17 14:06:55 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-17 14:06:54 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-07-17 14:06:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-07-17 14:06:46 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-07-17 14:06:44 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-07-17 14:06:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-07-17 14:06:25 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-07-17 14:06:24 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-07-17 14:06:23 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-07-17 14:06:23 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-07-17 14:06:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-07-17 14:06:08 ----A---- C:\WINDOWS\system32\wininet.dll
2015-07-17 14:06:08 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-07-17 14:06:03 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-07-17 14:05:58 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-07-17 14:05:58 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-07-17 14:05:58 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-07-17 14:05:58 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-07-17 14:05:58 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-07-17 14:05:57 ----A---- C:\WINDOWS\system32\ieui.dll
2015-07-17 14:05:56 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-07-17 14:05:56 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-07-17 14:05:55 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-07-17 14:05:54 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-07-17 14:05:52 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2015-07-17 14:05:52 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-07-17 14:05:52 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-07-17 14:05:49 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-07-17 14:05:48 ----A---- C:\WINDOWS\system32\msrating.dll
2015-07-17 14:05:47 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-07-17 14:05:46 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-07-17 14:05:45 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-07-17 14:05:45 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-07-17 14:05:44 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-07-17 14:05:44 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-07-17 14:05:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-07-17 14:05:43 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-07-17 14:05:43 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-07-17 14:05:43 ----A---- C:\WINDOWS\system32\jscript.dll
2015-07-17 14:05:42 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-07-17 14:05:18 ----A---- C:\WINDOWS\system32\fhcpl.dll
2015-07-17 14:05:15 ----A---- C:\WINDOWS\system32\gdi32.dll
2015-07-17 14:05:14 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2015-07-17 14:05:12 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-07-17 14:05:09 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2015-07-17 14:05:09 ----A---- C:\WINDOWS\system32\ole32.dll
2015-07-17 14:05:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2015-07-17 14:05:08 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-07-17 14:05:06 ----A---- C:\WINDOWS\system32\apphelp.dll
2015-07-17 14:05:05 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-07-17 14:05:04 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-07-08 22:53:43 ----A---- C:\WINDOWS\system32\Hibiki.dll
2015-06-23 12:48:05 ----A---- C:\WINDOWS\system32\aepic.dll

======List of files/folders modified in the last 1 month======

2015-07-18 15:21:11 ----D---- C:\WINDOWS\Prefetch
2015-07-18 15:17:52 ----D---- C:\Users\HP450\AppData\Roaming\Skype
2015-07-18 15:08:32 ----D---- C:\WINDOWS\system32\DriverStore
2015-07-18 15:00:02 ----D---- C:\WINDOWS\system32\sru
2015-07-18 14:59:36 ----SHD---- C:\WINDOWS\Installer
2015-07-18 14:59:36 ----SHD---- C:\Config.Msi
2015-07-18 14:59:36 ----RSD---- C:\WINDOWS\assembly
2015-07-18 14:59:35 ----D---- C:\WINDOWS\WinSxS
2015-07-18 14:57:04 ----D---- C:\WINDOWS\SysWOW64
2015-07-18 14:52:25 ----D---- C:\WINDOWS\system32\config
2015-07-18 14:40:17 ----D---- C:\WINDOWS\system32\catroot
2015-07-18 14:37:32 ----D---- C:\WINDOWS\rescache
2015-07-18 14:32:07 ----SHD---- C:\System Volume Information
2015-07-18 14:12:39 ----D---- C:\Users\HP450\AppData\Roaming\Seznam.cz
2015-07-18 14:09:33 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-07-18 14:08:53 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-07-18 14:06:34 ----HD---- C:\ProgramData
2015-07-18 14:06:31 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-07-18 14:06:31 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-07-18 14:05:55 ----D---- C:\Windows
2015-07-18 14:02:13 ----RD---- C:\Program Files (x86)
2015-07-18 14:02:13 ----D---- C:\WINDOWS\system32\Tasks
2015-07-18 14:02:13 ----D---- C:\WINDOWS\system32\GroupPolicy
2015-07-18 13:52:44 ----D---- C:\Program Files (x86)\Common Files
2015-07-18 13:51:52 ----D---- C:\WINDOWS\system32\drivers\etc
2015-07-18 13:23:15 ----D---- C:\WINDOWS\system32\drivers
2015-07-18 10:07:35 ----D---- C:\WINDOWS\PLA
2015-07-18 10:04:40 ----D---- C:\WINDOWS\Tasks
2015-07-17 19:48:16 ----RD---- C:\WINDOWS\System32
2015-07-17 19:48:16 ----D---- C:\ProgramData\StartW8
2015-07-17 19:47:25 ----D---- C:\WINDOWS\Inf
2015-07-17 19:44:29 ----D---- C:\WINDOWS\apppatch
2015-07-17 19:44:28 ----D---- C:\WINDOWS\system32\cs-CZ
2015-07-17 19:44:22 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-07-17 19:44:19 ----RD---- C:\WINDOWS\ToastData
2015-07-17 19:44:15 ----SD---- C:\WINDOWS\system32\CompatTel
2015-07-17 19:44:15 ----D---- C:\WINDOWS\system32\wbem
2015-07-17 19:44:15 ----D---- C:\WINDOWS\system32\appraiser
2015-07-17 19:44:14 ----D---- C:\WINDOWS\WinStore
2015-07-17 19:44:12 ----D---- C:\Program Files\Internet Explorer
2015-07-17 19:44:12 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-17 19:40:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-07-17 19:26:51 ----RD---- C:\Program Files
2015-07-17 19:25:50 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-07-17 19:25:50 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2015-07-17 17:11:17 ----D---- C:\WINDOWS\CbsTemp
2015-07-17 17:07:47 ----D---- C:\ProgramData\Microsoft Help
2015-07-17 16:51:55 ----A---- C:\WINDOWS\win.ini
2015-07-17 16:44:52 ----D---- C:\WINDOWS\system32\MRT
2015-07-17 16:35:13 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-07-17 16:35:13 ----SD---- C:\WINDOWS\system32\GWX
2015-07-17 13:32:41 ----D---- C:\WINDOWS\system32\catroot2
2015-07-17 13:20:55 ----D---- C:\Program Files\Windows Defender
2015-07-17 13:18:37 ----D---- C:\WINDOWS\system32\Sysprep
2015-07-17 13:18:36 ----D---- C:\WINDOWS\servicing
2015-07-17 13:18:31 ----RD---- C:\Program Files (x86)\Skype
2015-07-17 13:18:31 ----D---- C:\Program Files\Common Files\microsoft shared
2015-07-17 13:18:31 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-17 13:18:15 ----D---- C:\Program Files (x86)\7-Zip
2015-07-17 13:15:16 ----HD---- C:\Program Files\WindowsApps
2015-07-17 13:10:45 ----D---- C:\WINDOWS\registration
2015-07-17 13:08:54 ----D---- C:\ProgramData\Skype
2015-07-17 13:08:02 ----D---- C:\Program Files (x86)\Microsoft Office
2015-07-17 13:00:23 ----D---- C:\WINDOWS\Logs
2015-07-14 18:51:55 ----D---- C:\WINDOWS\AppReadiness
2015-07-13 23:10:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-07-07 13:22:55 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-05 12:08:23 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-07-03 08:43:04 ----A---- C:\WINDOWS\system32\MRT.exe
2015-07-01 09:20:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 EUBAKUP;EUBAKUP; C:\WINDOWS\system32\drivers\eubakup.sys [2012-12-19 58952]
R0 EUBKMON;EUBKMON; C:\WINDOWS\system32\drivers\EUBKMON.sys [2012-12-19 48200]
R0 hpdskflt;@oem32.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2013-03-02 30520]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-01-02 641672]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 EUDSKACS;EUDSKACS; \??\C:\windows\system32\drivers\eudskacs.sys [2012-12-19 18504]
R1 EUFDDISK;EUFDDISK; \??\C:\windows\system32\drivers\EuFdDisk.sys [2012-12-19 189000]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 Accelerometer;@oem32.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2013-03-02 43320]
R3 BtAudioBusSrv;@oem16.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-09-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-12-05 49632]
R3 clwcsm;@oem24.inf,%clwcsm.DeviceDesc%;CyberLink Webcam Sharing Manager 4.2; C:\WINDOWS\system32\DRIVERS\clwcsm.sys [2013-02-19 42944]
R3 HpqKbFiltr;@oem10.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2013-01-29 26504]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152]
R3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-12-13 342528]
R3 iwdbus;@oem44.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 MEIx64;@oem38.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-12 62784]
R3 netr28x;@oem31.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-04 2505904]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 rtbth;@oem26.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-02-26 772680]
R3 rtsuvc;@oem19.inf,%rtsuvc.DeviceDesc%;HP HD Webcam [Fixed]; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2013-03-07 8243144]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-02-04 544768]
R3 SynTP;@oem25.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-10-30 549104]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem52.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem43.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 RSP2STOR;@oem4.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-01-23 288328]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-02-01 448072]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-01-11 28400]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2013-01-11 32496]
S3 ssudmdm;@oem54.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 EaseUS Agent;EaseUS Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2012-12-19 69192]
R2 Guard Agent;Guard Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2012-12-19 23624]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-01-31 553248]
R2 hpsrv;@oem32.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2013-03-02 43320]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-01-02 15496]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-10-01 319376]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-07-27 636952]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-10-22 130592]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-10-22 166432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-10-22 278560]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-04 332800]
R2 StartW8Service;StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [2014-12-15 620392]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-22 365600]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-06-05 266240]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-01-23 1006424]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 Handsome Hunt;Handsome Hunt; C:\Program Files (x86)\Handsome Hunt\Handsome Hunt.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 HotSpotSrv;HP HotSpot 1.0 Service; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [2012-12-19 357816]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-08 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------
Nahoru
Karel87
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 17 črc 2015 16:34

Re: Prosím o kontrolu logu

#13 Příspěvek od Karel87 »

Log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-07-2015
Ran by HP450 (administrator) on HP-450 on 18-07-2015 15:54:20
Running from D:\Dokumenty\Desktop
Loaded Profiles: HP450 (Available Profiles: HP450)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(SODATSW spol. s .r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(SODATSW spol. s r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
(SODATSW spol. s r. o.) C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Software602) C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [144456 2013-03-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\windows\system32\igfxpers.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-04] (IDT, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [StartW8Button] => C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [59752 2014-12-15] (SODATSW spol. s r.o.)
HKLM-x32\...\Run: [Print2PDF Print Monitor] => C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-16] (Skype Technologies S.A.)
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\RunOnce: [SeznamInstall-uninstall:56581b6f28d8bd6849ee6fbcbd663b24] => C:\Users\HP450\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-07-18] () <===== ATTENTION
Startup: C:\Users\HP450\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tereza.lnk [2015-05-13]
ShortcutTarget: Tereza.lnk -> C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\Tereza.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 3DCMNTDFJS
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3143886757-4230403818-1785372834-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3143886757-4230403818-1785372834-1002 -> {6430A443-9CC0-4AD0-9940-987C1058884C} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-09] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-09] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{AD34A024-E4CC-4975-A098-FBF2968ACF3C}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2015-05-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2011-10-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: StartCoup - C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\Extensions\ecihqcv_ktcg@mrnoqdkitiqvvlik.org [2015-07-16]
FF Extension: NoMore Ads - C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\Extensions\lmzzlpziy_syqte@tnzcmktqytikz.org [2015-06-01]
FF Extension: No Name - C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-01]
CHR Extension: (Docs) - C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-01]
CHR Extension: (Google Drive) - C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-01]
CHR Extension: (YouTube) - C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-01]
CHR Extension: (Google Search) - C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-01]
CHR Extension: (Google Sheets) - C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-01]
CHR Extension: (Gmail) - C:\Users\HP450\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [69192 2012-12-19] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2012-12-19] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [357816 2012-12-19] (Hewlett-Packard Development Company, L.P.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [553248 2013-01-31] (Hewlett-Packard Company)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-02-04] (IDT, Inc.) [File not signed]
R2 StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [620392 2014-12-15] (SODATSW spol. s .r.o.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-12-20] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 Handsome Hunt; "C:\Program Files (x86)\Handsome Hunt\Handsome Hunt.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-05] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\Windows\system32\DRIVERS\clwcsm.sys [42944 2013-02-19] (CyberLink Corporation)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [58952 2012-12-19] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2012-12-19] () [File not signed]
R1 EUDSKACS; C:\windows\system32\drivers\eudskacs.sys [18504 2012-12-19] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\windows\system32\drivers\EuFdDisk.sys [189000 2012-12-19] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243144 2013-03-07] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-02-08] (Hewlett-Packard Development Company, L.P.)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-18 15:52 - 2015-07-18 15:54 - 00000000 ____D C:\FRST
2015-07-18 15:44 - 2015-07-18 15:51 - 00029696 _____ C:\Users\HP450\AppData\Local\MSGBOX.EXE
2015-07-18 14:07 - 2015-07-18 14:07 - 00000000 ____D C:\Users\HP450\AppData\Local\VirtualStore
2015-07-18 14:06 - 2015-07-18 14:06 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-07-18 14:04 - 2015-07-18 13:50 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-07-18 13:51 - 2015-07-18 14:07 - 00018689 _____ C:\zoek-results.log
2015-07-18 13:50 - 2015-07-18 14:03 - 00000000 ____D C:\zoek_backup
2015-07-18 13:44 - 2015-07-18 13:44 - 00000024 _____ C:\Users\HP450\AppData\Roaming\appdataFr25.bin
2015-07-17 20:03 - 2015-07-17 20:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-17 19:36 - 2015-07-17 19:40 - 00000000 ____D C:\AdwCleaner
2015-07-17 17:25 - 2015-07-18 15:21 - 00000000 ____D C:\Program Files\trend micro
2015-07-17 17:25 - 2015-07-17 17:26 - 00000000 ____D C:\rsit
2015-07-17 16:43 - 2015-06-01 20:38 - 00450716 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20150717-164351.backup
2015-07-17 15:01 - 2015-07-18 15:46 - 00000032 _____ C:\WINDOWS\SysWOW64\Eu(0-00000000).OD
2015-07-17 14:07 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-07-17 14:07 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-07-17 14:07 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-07-17 14:07 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-07-17 14:07 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-07-17 14:07 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-07-17 14:07 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-07-17 14:07 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-07-17 14:07 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-07-17 14:07 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-07-17 14:07 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-07-17 14:07 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-07-17 14:07 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-07-17 14:07 - 2015-07-03 15:52 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-07-17 14:07 - 2015-07-03 15:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-07-17 14:07 - 2015-07-03 15:50 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-07-17 14:07 - 2015-07-03 15:50 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-07-17 14:07 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-07-17 14:07 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-07-17 14:07 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-07-17 14:07 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-07-17 14:07 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-07-17 14:07 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-07-17 14:07 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-07-17 14:07 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-07-17 14:07 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-07-17 14:07 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-07-17 14:07 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-07-17 14:07 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-07-17 14:07 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-07-17 14:07 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-07-17 14:07 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-07-17 14:07 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-07-17 14:07 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-07-17 14:07 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-07-17 14:07 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-07-17 14:07 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-07-17 14:07 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-07-17 14:07 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-07-17 14:07 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-07-17 14:07 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-07-17 14:07 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-07-17 14:07 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-07-17 14:07 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-07-17 14:07 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-07-17 14:07 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-07-17 14:07 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-07-17 14:07 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-07-17 14:07 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-07-17 14:07 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-07-17 14:07 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-07-17 14:07 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-07-17 14:07 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-07-17 14:07 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-07-17 14:07 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-07-17 14:07 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-07-17 14:07 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-07-17 14:07 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-07-17 14:07 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-07-17 14:06 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-07-17 14:06 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-07-17 14:06 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-07-17 14:06 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-07-17 14:06 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-07-17 14:06 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-07-17 14:06 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-07-17 14:06 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-07-17 14:06 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-07-17 14:06 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-07-17 14:06 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-07-17 14:06 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-07-17 14:06 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-07-17 14:06 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-07-17 14:06 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-07-17 14:06 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-07-17 14:06 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-07-17 14:06 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-07-17 14:06 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-07-17 14:06 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-07-17 14:06 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-07-17 14:06 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-17 14:06 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-17 14:06 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-07-17 14:06 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-07-17 14:05 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-07-17 14:05 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-07-17 14:05 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-07-17 14:05 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-07-17 14:05 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-07-17 14:05 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-07-17 14:05 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-07-17 14:05 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-07-17 14:05 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-07-17 14:05 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-07-17 14:05 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-07-17 14:05 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-07-17 14:05 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-07-17 14:05 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-07-17 14:05 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-07-17 14:05 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-07-17 14:05 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-07-17 14:05 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-07-17 14:05 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-07-17 14:05 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-07-17 14:05 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-07-17 14:05 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-07-17 14:05 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-07-17 14:05 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-07-17 14:05 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-07-17 14:05 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-07-17 14:05 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-07-17 14:05 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-07-17 14:05 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-07-17 14:05 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-07-17 14:05 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-17 14:05 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-07-17 14:05 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-07-17 14:05 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-17 14:05 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-07-17 14:05 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2015-07-17 14:05 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-07-17 14:05 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-07-17 14:05 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-07-17 14:05 - 2015-05-02 01:33 - 00410739 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-07-17 14:05 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-07-17 14:05 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2015-07-17 14:05 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-07-17 14:05 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-07-08 22:53 - 2015-07-07 14:30 - 00010752 _____ (UG North) C:\WINDOWS\system32\Hibiki.dll
2015-07-02 07:00 - 2015-07-18 13:00 - 00000368 _____ C:\WINDOWS\Tasks\eRunway.job
2015-06-23 12:48 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-18 15:43 - 2015-02-05 11:16 - 00000000 ____D C:\Users\HP450\AppData\Roaming\Skype
2015-07-18 15:42 - 2014-03-20 23:01 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-18 15:36 - 2015-05-27 17:20 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-07-18 15:36 - 2015-05-27 17:19 - 00000000 ____D C:\Users\HP450\AppData\Roaming\Seznam.cz
2015-07-18 15:24 - 2014-12-21 00:18 - 01304368 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-18 15:01 - 2014-03-20 22:43 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3143886757-4230403818-1785372834-1002
2015-07-18 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-18 14:58 - 2014-03-21 02:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-18 14:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-07-18 14:09 - 2013-02-22 15:59 - 00000983 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-07-18 14:06 - 2015-03-06 10:53 - 00000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-07-18 14:06 - 2013-11-22 04:02 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-07-18 14:06 - 2013-11-22 04:02 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-07-18 14:06 - 2013-08-22 16:46 - 00314291 _____ C:\WINDOWS\setupact.log
2015-07-18 14:06 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-18 14:05 - 2014-09-24 09:10 - 00055344 _____ C:\WINDOWS\PFRO.log
2015-07-18 14:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-07-18 10:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PLA
2015-07-17 22:48 - 2015-02-27 18:30 - 00003962 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0CB7EC7F-FEB4-4670-800C-CAF0F0FA7F56}
2015-07-17 19:48 - 2014-03-20 23:06 - 00000000 ____D C:\ProgramData\StartW8
2015-07-17 19:47 - 2013-08-22 16:44 - 00493112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-07-17 19:45 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-07-17 19:44 - 2014-12-19 10:45 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-07-17 19:44 - 2014-09-24 21:02 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-07-17 19:44 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-17 19:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-07-17 19:40 - 2015-06-08 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-17 19:25 - 2014-03-20 22:54 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-17 19:25 - 2014-03-20 22:54 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2015-07-17 17:11 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-17 17:07 - 2014-03-21 02:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-17 16:51 - 2012-07-26 07:26 - 00000269 _____ C:\WINDOWS\win.ini
2015-07-17 16:44 - 2014-03-21 01:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-07-17 16:35 - 2015-04-08 03:25 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-17 16:35 - 2015-04-08 03:25 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-17 14:08 - 2014-12-23 23:04 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-07-17 13:21 - 2014-12-20 23:58 - 00000000 ____D C:\Users\HP450
2015-07-17 13:20 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-07-17 13:18 - 2015-05-28 14:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-17 13:18 - 2015-02-05 11:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-17 13:18 - 2015-02-05 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-07-17 13:18 - 2014-03-20 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 5.5
2015-07-17 13:18 - 2014-03-20 23:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-07-17 13:18 - 2014-03-20 23:00 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-07-17 13:18 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-17 13:18 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-07-17 13:18 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\servicing
2015-07-17 13:10 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2015-07-17 13:09 - 2014-03-20 22:31 - 00000000 ____D C:\Users\HP450\AppData\Local\Packages
2015-07-17 13:08 - 2015-02-05 11:16 - 00000000 ____D C:\ProgramData\Skype
2015-07-17 13:08 - 2013-11-22 03:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-07-14 20:50 - 2015-06-01 21:43 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 19:43 - 2014-03-20 23:01 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-14 18:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-13 23:10 - 2014-09-24 21:08 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2014-09-24 21:08 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 12:08 - 2015-03-06 10:49 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-07-03 08:43 - 2014-03-21 01:17 - 130333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-01 09:20 - 2014-09-24 18:23 - 01938474 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-01 09:20 - 2014-09-24 17:39 - 00803244 _____ C:\WINDOWS\system32\perfh005.dat
2015-07-01 09:20 - 2014-09-24 17:39 - 00184236 _____ C:\WINDOWS\system32\perfc005.dat

==================== Files in the root of some directories =======

2015-07-18 13:44 - 2015-07-18 13:44 - 0000024 _____ () C:\Users\HP450\AppData\Roaming\appdataFr25.bin
2015-07-18 15:44 - 2015-07-18 15:51 - 0029696 _____ () C:\Users\HP450\AppData\Local\MSGBOX.EXE
2015-05-24 18:57 - 2015-05-24 18:57 - 0000000 _____ () C:\Users\HP450\AppData\Local\Temp.dat

Files to move or delete:
====================
C:\Users\HP450\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


Some files in TEMP:
====================
C:\Users\HP450\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-18 14:33

==================== End of log ============================


Addition:


Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-07-2015
Ran by HP450 at 2015-07-18 15:55:25
Running from D:\Dokumenty\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3143886757-4230403818-1785372834-500 - Administrator - Disabled)
Guest (S-1-5-21-3143886757-4230403818-1785372834-501 - Limited - Disabled)
HP450 (S-1-5-21-3143886757-4230403818-1785372834-1002 - Administrator - Enabled) => C:\Users\HP450

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Brother MFL-Pro Suite DCP-7055 (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.3703 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2321 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2531 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.2627 - CyberLink Corp.)
CyberLink Webcam Sharing Manager 4 (HKLM-x32\...\InstallShield_{296F7F3B-C75A-45e9-AD22-CC19DF86E9D3}) (Version: 4.2.1.1419 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.3801 - CyberLink Corp.)
EaseUS Todo Backup Free 5.5 (HKLM-x32\...\EaseUS Todo Backup Free 5.5_is1) (Version: 5.5 - CHENGDU YIWO Tech Development Co., Ltd)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 4.6 (HKLM-x32\...\{A23AADDA-3DBF-11E2-A6F2-984BE15F174E}) (Version: 4.6.0.7670 - Evernote Corp.)
FastStone Image Viewer 5.3 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.10.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{002EEC3F-0640-4781-A7F8-F7FD7A6CDB84}) (Version: 1.4.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 8 (HKLM-x32\...\{482FF7A0-EA03-487A-9112-862D3341B76C}) (Version: 1.2.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10220 - Realtek Semiconductor Corp.)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 5.0.12.1 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{3F728815-C7E8-40EA-8D1A-F7B8E2382325}) (Version: 3.4.10.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}) (Version: 8.5.4.1 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP System Default Settings (HKLM-x32\...\{357FE1E9-5890-4697-95DD-B15E01B4AA2A}) (Version: 1.3.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.7.1 - Hewlett-Packard Company)
HP Wireless Hotspot (HKLM-x32\...\{A15C2201-F69C-4DB0-AEBF-454B13B468BD}) (Version: 1.0.20.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6454.0 - IDT)
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.5.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Codec Pack 10.2.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 cs)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nuance PaperPort 12 (HKLM-x32\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{9041BE08-21DA-4916-EC0B-9375C5B624D9}) (Version: 11.0.737.1 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.21.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.11.201.2013 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.7 - Realtek Semiconductor Corp.)
Scansoft PDF Professional (x32 Version: - ) Hidden
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.)
Software602 Form Filler (HKLM-x32\...\{92F124CB-D9AA-4E20-93E4-7A9442878FD2}) (Version: 4.10 - Software602 a.s.)
Software602 Print2PDF (HKLM-x32\...\{32C74893-0243-4235-A6F3-201F0E5D2C03}) (Version: 9.1.11.0421 - Software602 a.s.)
StartW8 1.2.111.0 (HKLM-x32\...\{2FA895E0-C8CF-4216-90AB-C2E21A62BCB1}) (Version: 1.2.111.0 - SODATSW spol. s r. o.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3143886757-4230403818-1785372834-1002_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Image Composite Editor\ShellExtension.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3143886757-4230403818-1785372834-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

15-07-2015 10:32:17 Windows Update
17-07-2015 13:04:52 Operace obnovení
18-07-2015 13:35:51 JRT Pre-Junkware Removal

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-07-18 13:51 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0863658A-4707-4E89-BEDE-DE3C3693C63E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {55ED229C-9F8C-428B-BF64-61E86BBB471B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {5D5E3944-54AE-4430-AFCE-12D64D318F05} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {68DF6046-AAD1-46EA-A573-0061C8348C22} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30] (Synaptics Incorporated)
Task: {8F587BC8-1AA5-4733-9073-1200A46B120D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {96A1C1D0-4A7C-4B6D-B880-A7EAB5304105} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {AA1DE7D9-0596-47DB-9ADA-8169E289934A} - \eRunway No Task File <==== ATTENTION
Task: {B723F0C1-CE15-44E1-A81A-7544EE1BFC8F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D93E3099-FEC0-41BD-BB34-AC6366123A10} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {E4ACC704-075B-46A6-8736-66ED0ABE6493} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {E95566C8-C32B-40EB-AA62-111D18A640A8} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {FE0B4739-69D2-4EE2-88B3-609142F2DDA5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\eRunway.job => c:\programdata\{c790da9a-3c96-973a-c790-0da9a3c96a68}\1719547020488097049b.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-13 13:09 - 2010-12-02 03:13 - 00216576 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\Software602.dll
2013-01-10 13:25 - 2013-01-10 13:25 - 00364544 _____ () C:\windows\system32\BsExtendFunc.dll
2013-01-10 15:30 - 2013-01-10 15:30 - 00022528 _____ () C:\windows\system32\BsTrace.dll
2013-01-10 15:35 - 2013-01-10 15:35 - 00009728 _____ () C:\windows\system32\BsHelpCSps.dll
2013-01-10 15:35 - 2013-01-10 15:35 - 00055296 _____ () C:\windows\system32\BlueSoleilCSps.dll
2013-01-10 15:30 - 2013-01-10 15:30 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2013-02-22 17:05 - 2013-02-22 17:05 - 00387936 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 12:53 - 2011-07-05 12:53 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-01-10 15:35 - 2013-01-10 15:35 - 00009728 _____ () C:\windows\SYSTEM32\BsHelpCSps.dll
2013-01-10 15:35 - 2013-01-10 15:35 - 00055296 _____ () C:\windows\SYSTEM32\BlueSoleilCSps.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00097864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00035912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2014-03-20 23:00 - 2008-11-25 18:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2014-03-20 23:00 - 2004-10-05 04:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00035912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00294472 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00573000 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00468552 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00069192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00070216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00022088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2014-03-20 23:00 - 2012-12-19 23:53 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2014-03-21 00:41 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-12-27 12:00 - 2014-12-27 12:00 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\17dba063399ab5aa34a2a7495c1aa038\PSIClient.ni.dll
2013-11-22 03:43 - 2012-10-22 10:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-01-10 15:30 - 2013-01-10 15:30 - 00022528 _____ () C:\windows\SYSTEM32\BsTrace.dll
2015-07-08 09:48 - 2015-07-07 05:49 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll
2015-07-08 09:48 - 2015-07-07 05:49 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll
2015-07-15 02:42 - 2015-07-13 10:14 - 16307888 _____ () C:\Users\HP450\AppData\Local\Google\Chrome\User Data\PepperFlash\18.0.0.209\pepflashplayer.dll

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7867 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\HP\HP_Hammock.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EF073E44-157C-4D3E-B435-418CE5E2DF65}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{3865975D-85CA-48E1-A35E-5419E9BABA8C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{9BA87A53-A3FF-49D8-8539-C1D7AD35D269}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{A71A266B-602A-4C76-9757-FC0FE548DA22}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{4AFC6115-3D29-4EDE-8959-8DF0B20A9F34}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{6C86C00B-AF5B-4FE5-98D5-237BF44CC857}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{1201C580-7BE9-4660-92D5-D8DAA45281E7}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{9166DE0B-13F7-4053-9191-C761F9957E95}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{6EB9AE28-CF95-4C41-9582-B2140D8DDB6D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{8C697013-E87C-42EC-B291-EFBE6CCF40B8}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{646D35EA-4F72-4307-A873-BD3502F1F91B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{31E578F5-D812-46DB-A5CD-A46E9263D69F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{17C4E7E0-6185-4D27-914A-75B028653AE8}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{73CD9E57-6757-42DC-95C2-7EF4EDC2EFD3}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{D2EB6725-2D44-403B-8183-B44F73026CC9}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{92CEA417-6154-4E98-95E8-5CC7E907E3FD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{5AECF3B6-961A-4CDD-B9F5-81F48FFD786E}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{7E77E889-6E19-4F1A-901E-64E3AAACEBDD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{8E895B49-1546-419A-BFD6-66A8899B8D45}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{C1537EED-50D7-4108-8C56-4998AEEBA4A3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{185DD54B-6858-451A-8907-3EDA1E07AB3A}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{247CF438-B0D5-4682-9342-E6B92694B9A9}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{D01E7642-05F6-40C3-8887-3B9D2120BB42}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{A7BB19A8-13EE-497A-9D31-A10B2E683DF5}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [TCP Query User{56E46055-9E71-4A83-93C3-830F2925EC1A}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{573B53E3-F292-46FC-BF37-B25EF140B4BE}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C30E3C23-5F8B-4CD3-89C0-8D8E489CCE23}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{13B02C1B-CCB9-4B54-8EEC-95296B577BD3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{43D79E26-7E5C-41BE-9EBD-F7712592C05B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{403DFF6B-BBA7-415A-BA60-E53D0CDE5FAE}] => (Allow) LPort=1886
FirewallRules: [{3E455EAA-7617-4DF9-B3D3-62D70D363B78}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{094850EC-3D46-4ADB-ADDD-D1408117F2E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{05CEF2E3-5167-41B9-AA3E-A990F59BF4AE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4E58DB0F-4223-4B04-BDA2-794F1A93E697}] => (Allow) D:\Dokumenty\Desktop\FRST64.exe
FirewallRules: [{18D0A8BE-3F46-4027-BA1E-96EF74CE3B7F}] => (Allow) D:\Dokumenty\Desktop\FRST64.exe
FirewallRules: [{E371324B-59AC-4C7B-A15F-F9CD991DFC17}] => (Allow) D:\Dokumenty\Desktop\FRST64.exe
FirewallRules: [{BF618574-D780-475D-BF69-89001C6A4AEE}] => (Allow) D:\Dokumenty\Desktop\FRST64.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2015 02:59:36 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Aktualizaci Update for Microsoft Office 2013 (KB3054925) 32-Bit Edition produktu Microsoft Office Standard 2013 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (07/18/2015 02:59:27 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Standard 2013 – Chyba 1402Instalační program nemůže otevřít klíč registru HKEY_LOCAL_MACHINE32\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FLTLDR.EXE. Ověřte, že máte dostatečná oprávnění pro přístup k registru, nebo se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.

Error: (07/18/2015 02:58:35 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Aktualizaci Definition Update for Microsoft Office 2013 (KB3054944) 32-Bit Edition produktu Microsoft Office Standard 2013 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (07/18/2015 02:58:34 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Standard 2013 – Chyba 1402Instalační program nemůže otevřít klíč registru HKEY_LOCAL_MACHINE32\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FLTLDR.EXE. Ověřte, že máte dostatečná oprávnění pro přístup k registru, nebo se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.

Error: (07/18/2015 02:58:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Aktualizaci Security Update for Microsoft Excel 2013 (KB3054949) 32-Bit Edition produktu Microsoft Office Standard 2013 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (07/18/2015 02:58:17 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Standard 2013 – Chyba 1402Instalační program nemůže otevřít klíč registru HKEY_LOCAL_MACHINE32\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe. Ověřte, že máte dostatečná oprávnění pro přístup k registru, nebo se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.

Error: (07/18/2015 02:57:40 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Aktualizaci Update for Microsoft OneDrive for Business (KB3054954) 32-Bit Edition produktu Microsoft Office Standard 2013 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (07/18/2015 02:57:39 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Standard 2013 – Chyba 1402Instalační program nemůže otevřít klíč registru HKEY_LOCAL_MACHINE32\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\groove.exe. Ověřte, že máte dostatečná oprávnění pro přístup k registru, nebo se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.

Error: (07/18/2015 02:57:22 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Aktualizaci Update for Microsoft Office 2013 (KB3023069) 32-Bit Edition produktu Microsoft Office Standard 2013 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (07/18/2015 02:57:17 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Standard 2013 – Chyba 1402Instalační program nemůže otevřít klíč registru HKEY_LOCAL_MACHINE32\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FLTLDR.EXE. Ověřte, že máte dostatečná oprávnění pro přístup k registru, nebo se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.


System errors:
=============
Error: (07/18/2015 02:59:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace pro Microsoft Office 2013 (KB3054925) 32bitová edice.

Error: (07/18/2015 02:58:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace definice pro Microsoft Office 2013 (KB3054944) 32bitová edice.

Error: (07/18/2015 02:58:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace zabezpečení pro Microsoft Excel 2013 (KB3054949) 32bitová edice.

Error: (07/18/2015 02:57:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace pro Microsoft OneDrive for Business (KB3054954) 32bitová edice.

Error: (07/18/2015 02:57:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace pro Microsoft Office 2013 (KB3023069) 32bitová edice.

Error: (07/18/2015 02:57:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace pro Microsoft Office 2013 (KB3023052) 32bitová edice.

Error: (07/18/2015 02:56:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace pro Microsoft Outlook 2013 (KB3054940) 32bitová edice.

Error: (07/18/2015 02:56:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace pro Microsoft Office 2013 (KB3039762) 32bitová edice.

Error: (07/18/2015 02:56:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace zabezpečení pro Microsoft PowerPoint 2013 (KB3054999) 32bitová edice.

Error: (07/18/2015 02:55:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace pro Microsoft Office 2013 (KB3054938) 32bitová edice.


Microsoft Office:
=========================
Error: (07/18/2015 02:59:36 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Microsoft Office Standard 2013Update for Microsoft Office 2013 (KB3054925) 32-Bit Edition1603(NULL)(NULL)(NULL)

Error: (07/18/2015 02:59:27 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Standard 2013 – Chyba 1402Instalační program nemůže otevřít klíč registru HKEY_LOCAL_MACHINE32\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FLTLDR.EXE. Ověřte, že máte dostatečná oprávnění pro přístup k registru, nebo se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/18/2015 02:58:35 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Microsoft Office Standard 2013Definition Update for Microsoft Office 2013 (KB3054944) 32-Bit Edition1603(NULL)(NULL)(NULL)

Error: (07/18/2015 02:58:34 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Standard 2013 – Chyba 1402Instalační program nemůže otevřít klíč registru HKEY_LOCAL_MACHINE32\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FLTLDR.EXE. Ověřte, že máte dostatečná oprávnění pro přístup k registru, nebo se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/18/2015 02:58:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Microsoft Office Standard 2013Security Update for Microsoft Excel 2013 (KB3054949) 32-Bit Edition1603(NULL)(NULL)(NULL)

Error: (07/18/2015 02:58:17 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Standard 2013 – Chyba 1402Instalační program nemůže otevřít klíč registru HKEY_LOCAL_MACHINE32\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe. Ověřte, že máte dostatečná oprávnění pro přístup k registru, nebo se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/18/2015 02:57:40 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Microsoft Office Standard 2013Update for Microsoft OneDrive for Business (KB3054954) 32-Bit Edition1603(NULL)(NULL)(NULL)

Error: (07/18/2015 02:57:39 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Standard 2013 – Chyba 1402Instalační program nemůže otevřít klíč registru HKEY_LOCAL_MACHINE32\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\groove.exe. Ověřte, že máte dostatečná oprávnění pro přístup k registru, nebo se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/18/2015 02:57:22 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Microsoft Office Standard 2013Update for Microsoft Office 2013 (KB3023069) 32-Bit Edition1603(NULL)(NULL)(NULL)

Error: (07/18/2015 02:57:17 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Standard 2013 – Chyba 1402Instalační program nemůže otevřít klíč registru HKEY_LOCAL_MACHINE32\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FLTLDR.EXE. Ověřte, že máte dostatečná oprávnění pro přístup k registru, nebo se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
Date: 2015-07-18 14:43:59.617
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-07-18 13:53:09.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-07-18 13:53:09.466
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-07-18 13:53:08.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-07-18 13:53:08.607
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-07-18 13:53:08.153
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-07-18 13:53:07.872
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-07-18 13:53:07.294
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-07-18 13:53:06.981
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-07-18 13:53:06.528
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Percentage of memory in use: 65%
Total physical RAM: 3946.58 MB
Available physical RAM: 1360.44 MB
Total Virtual: 7530.58 MB
Available Virtual: 4376.32 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:146.68 GB) (Free:94.49 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:300.26 GB) (Free:230.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A50E1C7D)

Partition: GPT Partition Type.

==================== End of log ============================
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu

#14 Příspěvek od Márty84 »

Jelikoz to nebylo ve spravnem umisteni (na plose), neprobehlo to uplne tak, jak melo, no ale aspon tak.


:arrow: Odinstalujte kompletne chrome. Je s nim problem, ktery nejde odstranit skriptem. Musite ho odstranit se vsim, vcetne nastaveni a profilu.
Pokud nechcete prijit o zalozky, pripadne hesla, muzete si je zazalohovat pomoci programku chrome backup http://www.stahuj.centrum.cz/internet_a ... me-backup/



:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-16] (Skype Technologies S.A.)
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\RunOnce: [SeznamInstall-uninstall:56581b6f28d8bd6849ee6fbcbd663b24] => C:\Users\HP450\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-07-18] () <===== ATTENTION
Startup: C:\Users\HP450\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tereza.lnk [2015-05-13]
ShortcutTarget: Tereza.lnk -> C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\Tereza.exe (No File)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 3DCMNTDFJS
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

FF Extension: StartCoup - C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\Extensions\ecihqcv_ktcg@mrnoqdkitiqvvlik.org [2015-07-16]
FF Extension: NoMore Ads - C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\Extensions\lmzzlpziy_syqte@tnzcmktqytikz.org [2015-06-01]
FF Extension: No Name - C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]

S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 Handsome Hunt; "C:\Program Files (x86)\Handsome Hunt\Handsome Hunt.exe" [X]

S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 3733a40e;PatternGenerators; C:\WINDOWS\syswow64\rundll32.exe [2014-10-29 51200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []

2015-07-18 14:04 - 2015-07-18 13:50 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-07-18 13:51 - 2015-07-18 14:07 - 00018689 _____ C:\zoek-results.log
2015-07-18 13:50 - 2015-07-18 14:03 - 00000000 ____D C:\zoek_backup
2015-07-17 20:03 - 2015-07-17 20:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-17 19:25 - 2014-03-20 22:54 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-17 19:25 - 2014-03-20 22:54 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy

Task: {AA1DE7D9-0596-47DB-9ADA-8169E289934A} - \eRunway No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\eRunway.job => c:\programdata\{c790da9a-3c96-973a-c790-0da9a3c96a68}\1719547020488097049b.exe <==== ATTENTION

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Karel87
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 17 črc 2015 16:34

Re: Prosím o kontrolu logu

#15 Příspěvek od Karel87 »

Hotovo, kopíruji fixlog :)

Fix result of Farbar Recovery Scan Tool (x64) Version:18-07-2015 01
Ran by HP450 at 2015-07-18 17:07:12 Run:1
Running from D:\Dokumenty\Desktop
Loaded Profiles: HP450 (Available Profiles: HP450)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-16] (Skype Technologies S.A.)
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\...\RunOnce: [SeznamInstall-uninstall:56581b6f28d8bd6849ee6fbcbd663b24] => C:\Users\HP450\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-07-18] () <===== ATTENTION
Startup: C:\Users\HP450\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tereza.lnk [2015-05-13]
ShortcutTarget: Tereza.lnk -> C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\Tereza.exe (No File)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www MSN.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www MSN.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 3DCMNTDFJS
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1

FF Extension: StartCoup - C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\Extensions\ecihqcv_ktcg@mrnoqdkitiqvvlik.org [2015-07-16]
FF Extension: NoMore Ads - C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\Extensions\lmzzlpziy_syqte@tnzcmktqytikz.org [2015-06-01]
FF Extension: No Name - C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]

S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 Handsome Hunt; "C:\Program Files (x86)\Handsome Hunt\Handsome Hunt.exe" [X]

S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 3733a40e;PatternGenerators; C:\WINDOWS\syswow64\rundll32.exe [2014-10-29 51200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []

2015-07-18 14:04 - 2015-07-18 13:50 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-07-18 13:51 - 2015-07-18 14:07 - 00018689 _____ C:\zoek-results.log
2015-07-18 13:50 - 2015-07-18 14:03 - 00000000 ____D C:\zoek_backup
2015-07-17 20:03 - 2015-07-17 20:03 - 00000000 ____D C:\ProgramData MALWAREBYTES
2015-07-17 19:25 - 2014-03-20 22:54 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-17 19:25 - 2014-03-20 22:54 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy

Task: {AA1DE7D9-0596-47DB-9ADA-8169E289934A} - \eRunway No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\eRunway.job => c:\programdata\{c790da9a-3c96-973a-c790-0da9a3c96a68}\1719547020488097049b.exe <==== ATTENTION

HOSTS
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Service 16 => value removed successfully
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SeznamInstall-uninstall:56581b6f28d8bd6849ee6fbcbd663b24 => value removed successfully
C:\Users\HP450\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tereza.lnk => moved successfully.
C:\ProgramData\{a8e8631f-0921-4338-a8e8-8631f0928c7c}\Tereza.exe not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3143886757-4230403818-1785372834-1002\Software\Microsoft\Internet Explorer\Main\\First Home Page => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}" => key removed successfully
HKCR\Wow6432Node\CLSID\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => key not found.
C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\Extensions\ecihqcv_ktcg@mrnoqdkitiqvvlik.org => moved successfully.
C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\Extensions\lmzzlpziy_syqte@tnzcmktqytikz.org => moved successfully.
C:\Users\HP450\AppData\Roaming\Mozilla\Firefox\Profiles\32szka3d.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} not found.
gupdate => Service removed successfully
gupdatem => Service removed successfully
Handsome Hunt => Service removed successfully
MBAMSwissArmy => Service removed successfully
AdobeARMservice => Service removed successfully
3733a40e => Service not found.
gupdate => Service not found.
SBSDWSCService => Service not found.
SkypeUpdate => Service removed successfully
AdobeFlashPlayerUpdateSvc => Service removed successfully
gupdatem => Service not found.
C:\WINDOWS\zoek-delete.exe => moved successfully.
C:\zoek-results.log => moved successfully.
C:\zoek_backup => moved successfully.
"C:\ProgramData MALWAREBYTES" => File/Folder not found.
C:\ProgramData\Spybot - Search & Destroy => moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA1DE7D9-0596-47DB-9ADA-8169E289934A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA1DE7D9-0596-47DB-9ADA-8169E289934A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\eRunway" => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\WINDOWS\Tasks\eRunway.job => moved successfully.
HOSTS => Error: No automatic fix found for this entry.
EmptyTemp: => 87.4 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 17:07:46 ====
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“